package com.gufe.other.interceptor;


import com.gufe.constant.JwtClaimsConstant;
import com.gufe.properties.JwtProperties;
import com.gufe.result.Result;
import com.gufe.utils.BaseContext;
import com.gufe.utils.JwtUtil;
import io.jsonwebtoken.Claims;
import jakarta.servlet.http.Cookie;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;

/**
 * jwt令牌校验的拦截器
 */

@Component
@Slf4j
public class JwtTokenAdminInterceptor implements HandlerInterceptor {

    @Autowired
    private JwtProperties jwtProperties;

    @Autowired
    private UserDetailsService userDetailsService; // 注入 UserDetailsService

    // 目标资源方法执行前执行 返回true 放行 放回false 不放行
    @Override
    public boolean preHandle(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, Object handler) throws Exception {
        /*
         * 校验jwt
         */
        //方法前执行，进行判断
        //判断当前拦截到的是Controller的方法还是其他资源
        if (!(handler instanceof HandlerMethod)) {
            //当前拦截到的不是动态方法，直接放行
            return true;
        }
        //1、从请求头中获取令牌
        // 遍历cookies 从Cookies中获取 adminToken
        String adminToken = null;
        Cookie[] cookies= request.getCookies();
        if (cookies != null) {
            for (Cookie cookie : cookies) {
                if (jwtProperties.getAdminTokenName().equals(cookie.getName())) {
                    adminToken = cookie.getValue();
                    break;
                }
            }
        }
        if(adminToken == null){
            log.info("jwt校验，token为空，请求被拦截");
            //4、不通过，响应401状态码
            response.setStatus(401);
            return false;
        }

        //2、校验令牌
        try {
            log.info("jwt校验:{}", adminToken);
            Claims claims = JwtUtil.parseJWT(jwtProperties.getAdminSecretKey(), adminToken);

            String username = claims.getSubject();
            Long userId = Long.valueOf(claims.get(JwtClaimsConstant.USER_ID).toString());
            log.info("jwt校验通过，当前登录用户id：{}",userId);
            //把登录id记录进当前进程空间
            BaseContext.setCurrentId(userId);


            // 从数据库加载用户权限信息
            UserDetails userDetails = userDetailsService.loadUserByUsername(username);

            // 创建 Authentication 对象
            UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(
                    userDetails,
                    null,
                    userDetails.getAuthorities() // 必须包含角色/权限
            );

            // 设置到 SecurityContext
            SecurityContextHolder.getContext().setAuthentication(authentication);

            //3、通过，放行
            return true;

        } catch (Exception ex) {
            //4、不通过，响应401状态码
            log.info("jwt校验失败");
            response.setStatus(401);
            return false;
        }
    }
}
